Linux Kernel RDMA GID Entry Reference Leak Vulnerability

A vulnerability in the Linux kernel's RDMA (Remote Direct Memory Access) subsystem has been addressed. This issue involved a reference leak of the GID (Global Identifier) entry when the 'create_ah' (Address Handle) creation request failed. The vulnerability was present in the kernel's handling of RDMA address handles, specifically within the Infiniband core verbs driver.

Impact

The vulnerability could lead to a memory leak by not properly releasing GID entries when an Address Handle creation fails, potentially causing increased memory usage over time.

Reproduction

The vulnerability can be reproduced by attempting to create an Address Handle (AH) using a specific Global Identifier (GID) entry. If the creation request fails, the associated GID entry reference is not properly released, leading to a reference leak. This can be observed by monitoring the GID table entries before and after the AH creation attempt, noting that the leaked reference is not cleared when the creation fails.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability. The patch is included in the official Linux kernel repositories.